CVE-2024-36019 – This vulnerability is an out-of-bounds memory a... (How to Fix)

Q: What is the severity of CVE-2024-36019?

CVE-2024-36019 has a CVSS score of 7.1 (HIGH). This vulnerability is an out-of-bounds memory access bug in the Linux kernel's regmap maple cache subsystem that can corrupt kernel memory. It affects Linux systems using the regmap framework for hardware register access. Attackers could potentially exploit this to cause system instability or gain elevated privileges.

📋 TL;DR

This vulnerability is an out-of-bounds memory access bug in the Linux kernel's regmap maple cache subsystem that can corrupt kernel memory. It affects Linux systems using the regmap framework for hardware register access. Attackers could potentially exploit this to cause system instability or gain elevated privileges.

💻 Affected Systems

Products:

Linux kernel

Versions: Specific affected versions not specified in CVE, but likely recent kernel versions before patches were applied.

Operating Systems: Linux distributions using vulnerable kernel versions

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems using regmap maple cache subsystem. The vulnerability was not detected by standard regmap tests because they only test with registers starting at 0.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel memory corruption leading to privilege escalation, system crash, or arbitrary code execution in kernel context.

🟠

Likely Case

System instability, kernel panics, or denial of service due to memory corruption.

🟢

If Mitigated

Limited impact if systems have proper kernel hardening, address space layout randomization (ASLR), and kernel page table isolation (KPTI).

🌐 Internet-Facing: LOW - Requires local access or ability to trigger specific regmap operations.

🏢 Internal Only: MEDIUM - Local attackers or malicious processes could exploit this to escalate privileges or crash systems.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires triggering specific regmap operations with non-zero register offsets. No public exploits known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches available in stable kernel trees (commits: 00bb549d7d63a21532e76e4a334d7807a54d9f31, 3af6c5ac72dc5b721058132a0a1d7779e443175e, 51c4440b9d3fd7c8234e6de9170a487c03506e53)

Vendor Advisory: https://git.kernel.org/stable/c/00bb549d7d63a21532e76e4a334d7807a54d9f31

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version. 2. Check with your distribution for specific kernel updates. 3. Reboot system after kernel update. 4. Verify kernel version matches patched release.

🔧 Temporary Workarounds

Disable regmap maple cache

linux

Disable the vulnerable regmap maple cache subsystem if not required

echo 'blacklist regmap_maple' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u

🧯 If You Can't Patch

Restrict local user access and implement strict process isolation
Enable kernel hardening features like SELinux/AppArmor to limit impact

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if regmap maple is loaded: lsmod | grep regmap_maple

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated and check for presence of patched commits in kernel source

📡 Detection & Monitoring

Log Indicators:

Kernel panic logs
Out of bounds memory access errors in dmesg
System instability reports

Network Indicators:

None - local vulnerability only

SIEM Query:

Search for kernel panic events or out-of-bounds memory errors in system logs

📊 Metadata

CVE ID: CVE-2024-36019

CVSS v3 Score: 7.1 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWE: CWE-125

Published: May 30, 2024

Last Updated: September 18, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-36019, you might also want to check these: